git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Ondřej Surý <ondrej@sury.org>
	Fri, 26 Nov 2021 08:14:58 +0000 (09:14 +0100)
committer	Evan Hunt <each@isc.org>
	Wed, 1 Dec 2021 19:45:55 +0000 (11:45 -0800)
commit	10f4f1a25071a6de260e61eb2cd79dfea97d6a97
tree	5dc3e5a9f9a1bb5165f6d679cd752b6dc155a4c8	tree \| snapshot
parent	9230473324827311beabfc7d80c06f3f9697b45a	commit \| diff

Shutdown all TCP connection on invalid DNS message

Previously, when invalid DNS message is received over TCP we throw the
garbage DNS message away and continued looking for valid DNS message
that would match our outgoing queries. This logic makes sense for UDP,
because anyone can send DNS message over UDP.

Change the logic that the TCP connection is closed when we receive
garbage, because the other side is acting malicious.

lib/dns/dispatch.c

diff | blob | blame | history

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom